Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/oJS1a-JH0bOYbmFBAVfHoWq0n3Y.roa
File: oJS1a-JH0bOYbmFBAVfHoWq0n3Y.roa (raw, json)
Hash identifier: 9os6PKzr8BlETOaet8qjLrJAnPc1p46zqdpIbeWAgS4=
Subject key identifier: A0:94:B5:6B:E2:47:D1:B3:98:6E:61:41:01:57:C7:A1:6A:B4:9F:76
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 018A1C90B3B1C0D9636FF8A328979660857D
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/oJS1a-JH0bOYbmFBAVfHoWq0n3Y.roa
Signing time: Tue 22 Aug 2023 09:25:59 +0000
ROA not before: Tue 22 Aug 2023 09:25:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48707
IP address blocks: 185.238.137.0/24 maxlen: 24
195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 07:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:90:b3:b1:c0:d9:63:6f:f8:a3:28:97:96:60:85:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Aug 22 09:25:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a094b56be247d1b3986e61410157c7a16ab49f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:60:d2:aa:2b:bc:11:27:04:2a:1f:53:98:56:
7d:b0:64:25:b6:a4:cc:32:ad:f2:ef:aa:19:1e:2c:
e3:71:a1:79:a1:25:1f:5c:8e:55:6f:42:db:5f:7c:
d8:bd:f9:e4:85:17:40:7e:05:3b:d9:15:2d:6f:73:
12:90:f2:64:07:77:ba:83:bc:a7:06:39:d6:5a:67:
98:20:61:10:36:50:2a:ab:77:cc:7b:ee:3e:97:18:
b8:12:0e:c6:a5:d5:94:69:0c:f8:a3:1c:d5:b7:0f:
a7:2c:88:56:cd:f9:70:4c:fb:eb:23:25:2e:7f:92:
c9:6a:d3:17:32:02:75:0e:aa:a3:1a:9b:77:04:78:
ea:25:1b:b0:bf:1f:17:5d:ed:21:c0:63:a1:2c:0d:
8e:39:e4:88:73:1a:9e:25:e0:5b:6e:d8:c1:72:b0:
98:e4:26:0a:cb:73:2a:33:f3:43:6a:25:8f:a1:a1:
66:c3:4c:67:eb:1d:9e:fc:4c:5b:d1:58:f1:10:4e:
71:10:ff:dc:4b:bc:e3:03:a6:fc:6b:32:a8:87:40:
74:6f:17:a1:8d:af:1a:6b:ae:3e:fb:87:04:9a:2e:
bf:84:b4:92:04:b7:74:57:f1:55:de:51:45:b5:4e:
11:37:37:e7:0b:6a:3e:40:aa:5c:7e:d3:20:bb:0f:
f1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:94:B5:6B:E2:47:D1:B3:98:6E:61:41:01:57:C7:A1:6A:B4:9F:76
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/oJS1a-JH0bOYbmFBAVfHoWq0n3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.238.137.0/24
185.253.212.0/22
195.2.208.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:aa:2d:d6:e4:ed:61:8c:f7:c0:8f:4d:c5:b6:ed:b1:72:0e:
ab:20:2f:03:e1:e7:e4:58:48:c6:6a:aa:bc:91:9c:6e:e2:cf:
68:c2:6c:3a:74:46:42:dd:bc:a9:6c:7e:63:48:87:76:45:fb:
ee:66:86:e7:57:3d:49:2d:6c:4b:9b:e0:59:c4:ab:b7:b8:ca:
86:16:ee:59:37:13:6d:ea:28:86:50:7c:ed:77:e9:90:ed:f0:
1b:af:c8:8d:f2:fb:38:d3:2a:c4:b8:ba:5b:05:6e:ba:28:0d:
77:41:97:0a:d5:98:0e:d6:b5:a2:71:20:6f:fa:cc:11:6a:93:
b9:e5:b6:d1:43:b6:c5:1b:d1:32:1a:a9:bf:9c:db:53:24:87:
e6:64:2b:08:6c:06:db:4e:60:04:9c:89:74:56:cc:de:fb:10:
7d:7a:1e:d4:7e:4c:e7:18:60:b1:b2:dc:ab:46:5f:f1:83:58:
a8:89:4f:49:bf:2c:8e:65:25:9a:a9:06:81:43:11:3b:34:12:
2a:15:d6:54:35:64:ce:e0:a6:33:b6:4a:9d:4c:67:09:6c:5d:
e1:c7:51:06:f6:3c:d5:ad:f0:39:bb:ee:de:59:65:32:83:17:
00:34:35:d3:ea:d9:ea:f7:17:1c:36:88:a2:09:54:71:7e:4c:
eb:89:ff:b0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYockLOxwNljb/ijKJeWYIV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjMwODIyMDkyNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk0YjU2YmUyNDdkMWIzOTg2ZTYxNDEwMTU3YzdhMTZhYjQ5Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2DSqiu8EScEKh9TmFZ9sGQltqTM
Mq3y76oZHizjcaF5oSUfXI5Vb0LbX3zYvfnkhRdAfgU72RUtb3MSkPJkB3e6g7yn
BjnWWmeYIGEQNlAqq3fMe+4+lxi4Eg7GpdWUaQz4oxzVtw+nLIhWzflwTPvrIyUu
f5LJatMXMgJ1DqqjGpt3BHjqJRuwvx8XXe0hwGOhLA2OOeSIcxqeJeBbbtjBcrCY
5CYKy3MqM/NDaiWPoaFmw0xn6x2e/Exb0VjxEE5xEP/cS7zjA6b8azKoh0B0bxeh
ja8aa64++4cEmi6/hLSSBLd0V/FV3lFFtU4RNzfnC2o+QKpcftMguw/xlQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKCUtWviR9GzmG5hQQFXx6FqtJ92MB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvb0pTMWEtSkgwYk9ZYm1GQkFWZkhvV3EwbjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBANb5sgD
BAFb5swDBAK57RwDBAC57okDBAK5/dQDBAHDAtAwDQYJKoZIhvcNAQELBQADggEB
AG6qLdbk7WGM98CPTcW27bFyDqsgLwPh5+RYSMZqqryRnG7iz2jCbDp0RkLdvKls
fmNIh3ZF++5mhudXPUktbEub4FnEq7e4yoYW7lk3E23qKIZQfO136ZDt8BuvyI3y
+zjTKsS4ulsFbrooDXdBlwrVmA7WtaJxIG/6zBFqk7nlttFDtsUb0TIaqb+c21Mk
h+ZkKwhsBttOYASciXRWzN77EH16HtR+TOcYYLGy3KtGX/GDWKiJT0m/LI5lJZqp
BoFDETs0EioV1lQ1ZM7gpjO2Sp1MZwlsXeHHUQb2PNWt8Dm77t5ZZTKDFwA0NdPq
2er3Fxw2iKIJVHF+TOuJ/7A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org